Lucene search
K

12 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.46 views

Horde Framework Unserialize PHP Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...

7.5CVSS0.3AI score0.42895EPSS
Exploits7
Check Point Advisories
Check Point Advisories
added 2014/05/18 12:0 a.m.2 views

Horde Framework Unserialize PHP Code Execution (CVE-2014-1691)

An arbitrary PHP code execution vulnerability has been reported in Horde . An attacker can exploit this vulnerability to execute arbitrary code with the permissions of the web server...

3.2AI score0.42895EPSS
Exploits7
OSV
OSV
added 2014/04/01 3:55 p.m.8 views

CVE-2014-1691

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the formvars form...

7.4AI score
Exploits0References7
CVE
CVE
added 2014/04/01 3:0 p.m.98 views

CVE-2014-1691

CVE-2014-1691 affects Horde (

7.5CVSS7.5AI score0.42895EPSS
Exploits7References6Affected Software1
Circl
Circl
added 2014/03/22 12:0 a.m.10 views

CVE-2014-1691

creationtimestamp| type| source ---|---|--- 2014-03-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32439 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/hordeunserializeexec.rb 2025-02-06 03:13:41+00:00|...

7.5CVSS5.7AI score0.42895EPSS
Exploits7References2
0day.today
0day.today
added 2014/03/22 12:0 a.m.50 views

Horde Framework Unserialize PHP Code Execution

This Metasploit module exploits a php unserialize vulnerability in Horde versions 5.1.1 and below which could be abused to allow unauthenticated users to execute arbitrary code with the permissions of the web server. The dangerous unserialize exists in the 'lib/Horde/Variables.php' file. The...

7.5CVSS0.7AI score0.42895EPSS
Exploits7
Exploit DB
Exploit DB
added 2014/03/22 12:0 a.m.42 views

Horde Framework - Unserialize PHP Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Horde Framework Unserialize PHP Code Execution', 'Description' = %q This module exploits a php unserialize vulnerability in Horde...

7.5CVSS6.4AI score0.42895EPSS
Exploits7
Metasploit
Metasploit
added 2014/03/18 1:47 a.m.31 views

Horde Framework Unserialize PHP Code Execution

This module exploits a php unserialize vulnerability in Horde 'Horde Framework Unserialize PHP Code Execution', 'Description' = %q This module exploits a php unserialize vulnerability in Horde 'EgiX', Exploitation technique and Vulnerability discovery originally reported by the vendor 'juan...

7.5CVSS0.6AI score0.42895EPSS
Exploits7
securityvulns
securityvulns
added 2014/02/11 12:0 a.m.81 views

[SECURITY] [DSA 2853-1] horde3 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2853-1 [email protected] http://www.debian.org/security/ Luciano Bello February 05, 2014 http://www.debian.org/security/faq -...

7.5CVSS2.7AI score0.42895EPSS
Exploits7
Debian
Debian
added 2014/02/05 12:11 p.m.50 views

[SECURITY] [DSA 2853-1] horde3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2853-1 [email protected] http://www.debian.org/security/ Luciano Bello February 05, 2014 http://www.debian.org/security/faq -...

7.5CVSS6.3AI score0.42895EPSS
Exploits7
OpenVAS
OpenVAS
added 2014/02/05 12:0 a.m.20 views

Debian Security Advisory DSA 2853-1 (horde3 - remote code execution)

Pedro Ribeiro from Agile Information Security found a possible remote code execution on Horde3, a web application framework. Unsanitized variables are passed to the unserialize PHP function. A remote attacker could specially-craft one of those variables allowing her to load and execute code...

7.5CVSS0.7AI score0.42895EPSS
Exploits7References1
OpenVAS
OpenVAS
added 2014/02/04 12:0 a.m.25 views

Debian: Security Advisory (DSA-2853-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.42895EPSS
Exploits7References3
Rows per page
Query Builder